Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
A vulnerability in Ritlabs TinyWeb 1.92 could result in information disclosure.
June 3, 2004
Reported June 03, 2004, by GSSIT
VERSIONS AFFECTED
DESCRIPTION
A vulnerability in Ritlabs TinyWeb 1.92 could result in information disclosure.A hacker could use TinyWeb to download and obtain the scripts located in a Website's cgi-bin directory by issuing a simple HTTP GET request to the Web serverfor the Uniform Resource Identifier (URI) /cgi-bin/./[Script Name].
VENDOR RESPONSE
Ritlabs has releasedversion 1.93, which isn't vulnerable to this condition.
CREDIT
Discovered by GSSIT.
You May Also Like